program:
# Syzkaller reproducer followed by the console log of the resulting crash.
# Triage summary, taken from the log on this page:
#   - The oops is "supervisor instruction fetch" with RIP 0010:0x0, i.e. the
#     kernel jumped to address 0. This is consistent with a call through a NULL
#     function pointer - hedged, the opcode bytes are not available.
#   - The call trace is __se_sys_mount -> do_new_mount -> vfs_get_tree ->
#     get_tree_nodev -> erofs_fc_fill_super -> erofs_bread ->
#     do_read_cache_folio -> filemap_read_folio -> 0x0.
#   - The faulting task ran with UID 0 (see the "CPU: 0 UID: 0 PID: 5110" line).
# Only the plain mount() call with type 'erofs' below is on that trace; the
# CAN, nl80211 and NET/ROM calls do not appear in it.
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
fcntl$setlease(r0, 0x400, 0x1)
# Mounts a compressed minix image at ./file0; the log reports
# "loop0: detected capacity change from 0 to 64" before the crash.
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x1000020, &(0x7f0000000440)=ANY=[], 0x1, 0x156, &(0x7f0000000240)="$eJzs271OwlAYxvHnAALiF4o6GAcTB12kfEQSN70UApUQixpxgTjoFXgN3pkXoIObkxgawEQ+mkjsifb/W/o2T0/6djjtu1QAIutUezIySvZPdtPZx5yx3RKAkPQGx48egOiJv9vuAIAdr2fSs6SXt7ua4smx+aCf3w/zWGo8f5B2EoPcpLX4fb54kg6G601m4vrMKF+amB/uD++/rBWtak1ZrWtDuUFeH63fnmMSAgAgOozyQfnMC2I6b3puYWq+4OfFqXnSz0sBeXlqnvLzfO3Kq89qE8AEsTn3fzxg/ycC9j8Ae9qd7kXV89wbCgoKilFh+80E4Lc5t61rp93pHjVb1YbbcC9LhcJJ5bhcrJQcf7J3Zs/3AP6ur4++7U4AAAAAAAAAAAAAAMBPbWrLdgsAAAAAQhLG70S2nxEAAAAAAAAAAAAAAAAAgP/mMwAA//9E/CIc")
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x3376039, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000001980)=[{}], &(0x7f0000003300)=0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001440)={'vxcan1\x00'})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001640), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0})
# NOTE(review): r6 is used in the next two calls but no call in this listing
# assigns it; the output binding on the SIOCGIFINDEX_80211 call above may have
# been lost when the page was extracted - confirm against the original reproducer.
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000340)={0x0, 0x6, &(0x7f0000000300)={&(0x7f0000000600)={0xac, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x90, 0x7d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5, 0x1, 'H'}, @NL80211_BAND_6GHZ={0x0, 0x3, "b1742408480afd4971294b3776223e63e76acee7800d2e19fdc8ec96367e2c453f566667810b6d8571db9f3b85d46fcea5fcd71196dec6c6bde6fcebbc3d60cc4e0a2b5ba66e0b329dd0b078b5af39d211f8806db7ed0705144b68120c4f5e06d653d0683c8d4185f76e3356eb731ebdb748d36030865bd2c62afb0f89f0b5119c2024cca0fcee26ec627c661fc8d3a643bff35ac39b60907d55bed3399968f1f3d0007be14aff3404c05f9204e676ab83f963bde2fdd2dff3d6c3a5f7603eb39f6c94e5aad28437"}]}]}, 0xac}}, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000001740)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001700)={&(0x7f0000001680)={0x58, r3, 0x8, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x2, 0x1f}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x55}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xc}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x31}]}, 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x4040880)
# Crashing call. The source and the target are both './file0' and the type is
# 'erofs'. The log prints "./file0: Can't lookup blockdev" just before the oops,
# and the user-mode register dump (ORIG_RAX 0xa5, R10 0x4000, RDI/RSI/RDX
# ending in 0x14c0/0x1500/0x15c0) lines up with this call's arguments.
# NOTE(review): the get_tree_nodev frame suggests erofs continued with a
# non-block-device mount after the blockdev lookup failed, and that the object
# it then read from has no page-cache read operation - confirm against
# erofs_fc_fill_super in 6.11.0-syzkaller-02574-ga430d95c5efa before relying on this.
mount(&(0x7f00000014c0)=@filename='./file0\x00', &(0x7f0000001500)='./file0\x00', &(0x7f00000015c0)='erofs\x00', 0x4000, 0x0)
r7 = accept$netrom(0xffffffffffffffff, &(0x7f0000000040)={{0x3, @netrom}, [@default, @bcast, @bcast, @default, @netrom, @default, @netrom, @null]}, &(0x7f00000000c0)=0x48)
recvmmsg(r7, &(0x7f0000001380)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/84, 0x54}, {&(0x7f0000000440)=""/122, 0x7a}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f00000004c0)=""/18, 0x12}, {&(0x7f0000000500)=""/242, 0xf2}, {&(0x7f0000001440)=""/85, 0x55}, {&(0x7f0000000600)=""/114, 0x72}], 0x7, &(0x7f0000000680)=""/224, 0xe0}, 0xdc}, {{&(0x7f0000000780)=@rc={0x1f, @none}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/250, 0xfa}, {&(0x7f0000000900)=""/28, 0x1c}, {&(0x7f0000000940)=""/255, 0xff}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f0000000a40)=""/251, 0xfb}], 0x5, &(0x7f0000000bc0)=""/109, 0x6d}, 0x80000000}, {{&(0x7f0000000c40)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000001280)=[{&(0x7f0000000cc0)=""/253, 0xfd}, {&(0x7f0000000dc0)=""/93, 0x5d}, {&(0x7f0000000e40)=""/134, 0x86}, {&(0x7f0000000f00)=""/227, 0xe3}, {&(0x7f0000001000)=""/186, 0xba}, {&(0x7f00000010c0)=""/190, 0xbe}, {&(0x7f0000001180)=""/175, 0xaf}, {&(0x7f0000001240)=""/56, 0x38}], 0x8, &(0x7f0000001300)=""/122, 0x7a}, 0x1000}], 0x3, 0x40, &(0x7f00000032c0))
[ 79.219296][ T4530] Bluetooth: hci0: command tx timeout
[ 79.317643][ T5110] loop0: 
detected capacity change from 0 to 64 [ 79.357547][ T5110] ./file0: Can't lookup blockdev [ 79.367247][ T5110] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 79.370249][ T5110] #PF: supervisor instruction fetch in kernel mode [ 79.372752][ T5110] #PF: error_code(0x0010) - not-present page [ 79.375358][ T5110] PGD 34e5c067 P4D 34e5c067 PUD 3f70e067 PMD 0 [ 79.377757][ T5110] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN NOPTI [ 79.380147][ T5110] CPU: 0 UID: 0 PID: 5110 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 79.383854][ T5110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.387908][ T5110] RIP: 0010:0x0 [ 79.389274][ T5110] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 79.392010][ T5110] RSP: 0018:ffffc9000309f9f8 EFLAGS: 00010287 [ 79.394317][ T5110] RAX: ffffffff81cb4ee0 RBX: 0000000000000000 RCX: 0000000000040000 [ 79.397298][ T5110] RDX: ffffc9000b819000 RSI: ffffea00008cb2c0 RDI: 0000000000000000 [ 79.400316][ T5110] RBP: ffffc9000309fac0 R08: ffffea00008cb2c7 R09: 1ffffd4000119658 [ 79.403347][ T5110] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00008cb2c0 [ 79.406448][ T5110] R13: 1ffffd4000119659 R14: 0000000000000000 R15: ffffea00008cb2c8 [ 79.409584][ T5110] FS: 00007f13c73ff6c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 79.412931][ T5110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.415439][ T5110] CR2: ffffffffffffffd6 CR3: 000000004c128000 CR4: 0000000000350ef0 [ 79.418447][ T5110] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 79.421511][ T5110] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 79.424502][ T5110] Call Trace: [ 79.425867][ T5110] [ 79.427026][ T5110] ? __die_body+0x88/0xe0 [ 79.428781][ T5110] ? page_fault_oops+0x8e4/0xcc0 [ 79.430652][ T5110] ? __pfx_page_fault_oops+0x10/0x10 [ 79.432562][ T5110] ? rcu_is_watching+0x15/0xb0 [ 79.434390][ T5110] ? 
is_errata93+0xbe/0x260 [ 79.436134][ T5110] ? exc_page_fault+0x5ed/0x8c0 [ 79.438024][ T5110] ? asm_exc_page_fault+0x26/0x30 [ 79.439936][ T5110] ? filemap_read_folio+0x190/0x790 [ 79.441984][ T5110] filemap_read_folio+0x1a0/0x790 [ 79.443880][ T5110] ? __pfx_filemap_read_folio+0x10/0x10 [ 79.446015][ T5110] ? __filemap_get_folio+0x984/0xc10 [ 79.448053][ T5110] do_read_cache_folio+0x134/0x820 [ 79.450020][ T5110] erofs_bread+0x499/0xd40 [ 79.451843][ T5110] erofs_fc_fill_super+0x345/0x1770 [ 79.453895][ T5110] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 79.456225][ T5110] ? sget_fc+0x909/0x9c0 [ 79.458447][ T5110] ? __pfx_set_anon_super_fc+0x10/0x10 [ 79.461638][ T5110] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 79.463782][ T5110] get_tree_nodev+0xb7/0x140 [ 79.465683][ T5110] vfs_get_tree+0x90/0x2b0 [ 79.467484][ T5110] do_new_mount+0x2be/0xb40 [ 79.469359][ T5110] ? __pfx_do_new_mount+0x10/0x10 [ 79.471368][ T5110] __se_sys_mount+0x2d6/0x3c0 [ 79.473247][ T5110] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 79.475575][ T5110] ? __pfx___se_sys_mount+0x10/0x10 [ 79.477547][ T5110] ? do_syscall_64+0x100/0x230 [ 79.479449][ T5110] ? __x64_sys_mount+0x20/0xc0 [ 79.481331][ T5110] do_syscall_64+0xf3/0x230 [ 79.483177][ T5110] ? 
clear_bhb_loop+0x35/0x90 [ 79.485074][ T5110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.487566][ T5110] RIP: 0033:0x7f13c757def9 [ 79.489433][ T5110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.497868][ T5110] RSP: 002b:00007f13c73ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 79.501023][ T5110] RAX: ffffffffffffffda RBX: 00007f13c7735f80 RCX: 00007f13c757def9 [ 79.503938][ T5110] RDX: 00000000200015c0 RSI: 0000000020001500 RDI: 00000000200014c0 [ 79.506867][ T5110] RBP: 00007f13c75f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 79.509776][ T5110] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000000 [ 79.512665][ T5110] R13: 0000000000000000 R14: 00007f13c7735f80 R15: 00007ffd2ee658e8 [ 79.515554][ T5110] [ 79.516721][ T5110] Modules linked in: [ 79.518256][ T5110] CR2: 0000000000000000 [ 79.519822][ T5110] ---[ end trace 0000000000000000 ]--- [ 79.521865][ T5110] RIP: 0010:0x0 [ 79.523111][ T5110] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 79.525789][ T5110] RSP: 0018:ffffc9000309f9f8 EFLAGS: 00010287 [ 79.527993][ T5110] RAX: ffffffff81cb4ee0 RBX: 0000000000000000 RCX: 0000000000040000 [ 79.531016][ T5110] RDX: ffffc9000b819000 RSI: ffffea00008cb2c0 RDI: 0000000000000000 [ 79.534010][ T5110] RBP: ffffc9000309fac0 R08: ffffea00008cb2c7 R09: 1ffffd4000119658 [ 79.536998][ T5110] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00008cb2c0 [ 79.539927][ T5110] R13: 1ffffd4000119659 R14: 0000000000000000 R15: ffffea00008cb2c8 [ 79.542835][ T5110] FS: 00007f13c73ff6c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000 [ 79.546154][ T5110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.548743][ T5110] CR2: ffffffffffffffd6 CR3: 000000004c128000 CR4: 0000000000350ef0 [ 79.551715][ T5110] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 79.554780][ T5110] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 79.557757][ T5110] Kernel panic - not syncing: Fatal exception [ 79.560266][ T5110] Kernel Offset: disabled [ 79.561900][ T5110] Rebooting in 86400 seconds..